Vulnerability ID 5959

Adobe Acrobat Reader 9.5.1/10.1.3 buffer overflow


A vulnerability classified as critical was found in Adobe Acrobat Reader 9.5.1/10.1.3. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a buffer overflow vulnerability. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was shared on 08/14/2012 by John Leitch with Microsoft Vulnerability Research as APSB12-16, a confirmed bulletin (Website). The advisory is shared for download at The vendor cooperated in the coordination of the public release. This vulnerability has been known as CVE-2012-4148 since 08/07/2012. The exploitation appears to be difficult. The attack can only be initiated within the local network. The exploitation doesn't need any form of authentication. Technical details are unknown but a private exploit is available.

The vulnerability scanner Nessus provides a plugin with the ID 61561 (Adobe Acrobat < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows. The commercial vulnerability scanner Qualys is able to test this issue with plugin 120295.

Upgrading to version 9.5.2 or 10.1.4 eliminates this vulnerability. The upgrade is hosted for download at A possible mitigation has been published immediately after the disclosure of the vulnerability.

The vulnerability is also documented in the databases at SecurityFocus (BID 54946), Secunia (SA50281), SecurityTracker (ID 1027386) and Vulnerability Center (SBV-35882). See 5953, 5954, 5955 and 5956 for similar entries.


Base Score: 5.0
Temp Score: 4.8
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
Reliability: High


Base Score: 4.3 (CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:P)
Temp Score: 3.7 (CVSS2#E:ND/RL:OF/RC:C)
Reliability: High




Class: Buffer overflow (CWE-119)
Local: No
Remote: Partially

Availability: Yes
Access: Private

Current Price Estimation: $25k-$50k (0-day) / $2k-$5k (Today)


Nessus ID: 61561
Nessus Name: Adobe Acrobat < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)
Nessus File: adobe_acrobat_apsb12-16.nasl
Nessus Family: Windows
OpenVAS ID: 802937
OpenVAS Name: Adobe Reader Multiple Vulnerabilities - Mac OS X
OpenVAS File: gb_adobe_prdts_mult_vuln_aug12_macosx.nasl
OpenVAS Family: General
Qualys ID: 120295


Recommended: Upgrade
Status: Official fix
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known

Upgrade: Acrobat Reader 9.5.2/10.1.4
PaloAlto IPS: 34907


08/07/2012 CVE assigned
08/14/2012 +7 days Advisory disclosed
08/14/2012 +0 days Countermeasure disclosed
08/14/2012 +0 days OSVDB entry created
08/14/2012 +0 days VulnerabilityCenter entry assigned
08/15/2012 +1 days NVD disclosed
08/15/2012 +0 days VulnerabilityCenter entry created
08/17/2012 +2 days VulDB entry created
06/17/2014 +669 days VulnerabilityCenter entry updated
04/20/2016 +673 days VulDB entry updated


Advisory: APSB12-16
Researcher: John Leitch
Organization: Microsoft Vulnerability Research
Status: Confirmed
Coordinated: Yes

CVE: CVE-2012-4148

SecurityFocus: 54946
Secunia: 50281 - Adobe Reader / Acrobat Multiple Vulnerabilities, Highly Critical
SecurityTracker: 1027386 - Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code
Vulnerability Center: 35882 - [APSB12-16] Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability (CVE-2012-4148), Critical
OSVDB: 84619 - Adobe Reader / Acrobat Unspecified Memory Corruption (2012-4148)

See also: 5953, 5954, 5955, 5956, 5957, 5958, 5960, 5961, 5962, 5963, 5964, 5965, 5966, 5967


Created: 08/17/2012
Updated: 04/20/2016
Entry: 94.4% complete